GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
328 advisories
Filter by severity
lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute...
Moderate
Unreviewed
CVE-2020-10221
was published
May 24, 2022
A remote authenticated SQL Injection vulnerabilitiy was discovered in Aruba ClearPass Policy...
Moderate
Unreviewed
CVE-2021-26685
was published
May 24, 2022
GigaCC OFFICE ver.2.3 and earlier allows remote attackers to execute arbitrary OS commands via...
Moderate
Unreviewed
CVE-2016-7844
was published
May 17, 2022
Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could...
Moderate
Unreviewed
CVE-2016-6459
was published
May 17, 2022
A vulnerability in a startup script of Cisco IOS XE Software could allow an unauthenticated...
Moderate
Unreviewed
CVE-2017-6606
was published
May 17, 2022
A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation...
Moderate
Unreviewed
CVE-2017-3806
was published
May 17, 2022
WNC01WH firmware 1.0.0.9 and earlier allows authenticated attackers to execute arbitrary OS...
Moderate
Unreviewed
CVE-2017-2152
was published
May 17, 2022
Dell EMC PowerStore, contains an OS command injection Vulnerability. A locally authenticated...
Moderate
Unreviewed
CVE-2022-22555
was published
Jul 22, 2022
IBM CICS TX 11.1 could allow allow an attacker with physical access to the system to execute code...
Moderate
Unreviewed
CVE-2022-33955
was published
Aug 2, 2022
Buffalo network devices WSR-3200AX4S firmware Ver. 1.26 and earlier, WSR-3200AX4B firmware Ver. 1...
Moderate
Unreviewed
CVE-2022-43466
was published
Dec 19, 2022
McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and...
Moderate
Unreviewed
CVE-2015-7310
was published
May 17, 2022
A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2...
Moderate
Unreviewed
CVE-2015-4330
was published
May 17, 2022
A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless...
Moderate
Unreviewed
CVE-2022-20855
was published
Oct 1, 2022
OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require...
Moderate
Unreviewed
CVE-2020-14947
was published
May 24, 2022
baserCMS 3.0.2 through 3.0.8 allows remote authenticated users to execute arbitrary OS commands...
Moderate
Unreviewed
CVE-2015-7769
was published
May 17, 2022
KDDI HOME SPOT CUBE devices before 2 allow remote authenticated users to execute arbitrary OS...
Moderate
Unreviewed
CVE-2016-1141
was published
May 17, 2022
An unspecified script in the web interface in Cisco Firepower Extensible Operating System 1.1(1...
Moderate
Unreviewed
CVE-2015-6380
was published
May 17, 2022
PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users...
Moderate
Unreviewed
CVE-2015-7774
was published
May 17, 2022
eventapp/lib/gcloud.rb in the ISUCON5 qualifier portal (aka eventapp) web application before 2015...
Moderate
Unreviewed
CVE-2015-5673
was published
May 17, 2022
ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier, RT-AC68U routers with...
Moderate
Unreviewed
CVE-2014-7269
was published
May 17, 2022
Usermin before 1.600 allows remote attackers to execute arbitrary operating-system commands via...
Moderate
Unreviewed
CVE-2014-3883
was published
May 17, 2022
The commandline interface in Blue Coat Content Analysis System (CAS) 1.1 before 1.1.4.2 allows...
Moderate
Unreviewed
CVE-2014-2565
was published
May 17, 2022
The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to...
Moderate
Unreviewed
CVE-2012-4108
was published
May 17, 2022
The DrayTek Vigor 2700 router 2.8.3 allows remote attackers to execute arbitrary JavaScript code,...
Moderate
Unreviewed
CVE-2013-5703
was published
May 17, 2022
It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password,...
Moderate
Unreviewed
CVE-2020-14342
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API